Amendments to the Claims:

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

1. (currently amended) A method for accessing resources on a private
network via an intermediary server, said method comprising: 

receiving a login request from a user for access to the intermediary server; 

accessing an external authentication server to authenticate authenticating 
the user in response to the login request; 

receiving a resource request from the authenticated user at the 
intermediary server, the resource request requesting a particular operation with respect to 
a resource from the private network; 

obtaining access privileges for the authenticated user in response to the 
resource request; 

determining whether the access privileges for the authenticated user 
permit the authenticated user to perform the particular operation at the private network; 
and 

preventing, by the intermediary server, performance of the particular 
operation at the private network if the access privileges for the authenticated user do not 
permit the authenticated user to perform the particular operation at the private network. 

2. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the particular operation is one of a file access operation or an email operation.

3. (canceled)

4. (currently amended) [[A]] The method of as recited in claim [[3]] 1, 
wherein where the external authentication server is within the private network. 

5. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the intermediary server stores the access privileges for a plurality of users. 

6. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the intermediary server stores an authentication identifier for each of a plurality of
users, the authentication identifier identifying [[an]] the external authentication server to
be used to perform said authenticating.

7. (currently amended) [[A]] The method of as recited in claim 6, wherein 
where the external authentication server is within the private network. 

8. (currently amended) [[A]] The method of as recited in claim 7, wherein
where the authentication identifier comprises a network address for the external 
authentication server. 

9. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the resource request is from a client-side application running on a client machine.

10. (currently amended) [[A]] The method of as recited in claim 9, wherein
where the client-side application is one of: a web browser, an email application or a file 
access application. 

11. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the user is a remote user. 

12. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the resource request is from a client-side application running on a remote client 
machine. 

13. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the private network is an intranet or a corporate network. 

14. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the resource request is from a network browser. 

15. (currently amended) [[A]] The method of as recited in claim 1, wherein
where said method further comprises: 

performing the particular operation at the private network to determine a 
response to the resource request if the access privileges for the authenticated user permit 
the authenticated user to perform the particular operation at the private network.

16. (currently amended) [[A]] The method of as recited in claim 1, wherein
where the authenticated user has an Internet Protocol (IP) address and 

wherein where said determining if the access privileges for the 
authenticated user permit the authenticated user to perform the particular operation 
comprises: 

determining whether the access privileges for the authenticated 
user permit the authenticated user to perform the particular operation at the private 
network; and 

determining whether the IP address is authorized. 

17. (currently amended) [[A]] The method of as recited in claim 16, wherein
where said determining if the access privileges for the authenticated user permit the 
authenticated user to perform the particular operation further comprises: 

determining whether time-of-day restrictions are satisfied. 

18. (currently amended) [[A]] The method of as recited in claim 17, wherein 
where the access privileges comprise permitted operations, authorized IP addresses, and 
time-of-day restrictions for the authenticated user. 

19. (currently amended) A method for providing remote access to a private 
network via an intermediary server, said method comprising: 

receiving a login request from a remote user for access to the intermediary
server;

accessing an external authentication server to determine determining
whether the remote user is permitted access to the intermediary server based on the login
request;

granting the remote user access to the intermediary server if the remote 
user is permitted access to the intermediary server, the granted access carrying access 
privileges to a portion of the private network; 

receiving a resource request from the remote user at the intermediary 
server if the remote user is granted access to the intermediary server, the resource request 
requesting a particular resource on the private network; 

determining whether the resource request from the remote user is 
permitted by the access privileges; 

supplying the particular resource to the remote user through the 
intermediary server if the resource request from the remote user is permitted by the 
access privileges; and 

denying the remote user from access to the particular resource by the 
intermediary server if the resource request from the remote user is not permitted by the 
access privileges. 

20. (currently amended) [[A]] The method of as recited in claim 19, wherein 
where said supplying the particular resource comprises: 

retrieving the particular resource from a content server; 

modifying at least one URL within the retrieved particular resource; and 

sending the modified particular resource to the remote user.

21. (currently amended) [[A]] The method of as recited in claim 19, wherein
where said supplying the particular resource comprises: 

obtaining a response to the request for the particular resource;

modifying the response so that links within the response point to the
intermediary server; and

sending the modified response to the remote user. 

22. (currently amended) [[A]] The method of as recited in claim 19, wherein 
where said supplying the particular resource comprises: 

determining a host name for a remote server hosting the particular 
resource being requested; 

sending a request for the particular resource to the remote server based on 
the determined host name; and 

receiving, at the intermediary server, a response to the request from the
remote server.

23. (currently amended) [[A]] The method of as recited in claim 22, wherein
where said supplying the particular resource comprises: 

modifying the response so that links within the response point to the 
intermediary server; and 

sending the modified response to the remote user.

24. (currently amended) [[A]] The method of as recited in claim 19, wherein
where the private network is an intranet. 

25. (currently amended) [[A]] The method of as recited in claim 19, wherein 
where the resource request is from a network browser. 

26. (currently amended) [[A]] The method of as recited in claim 19, wherein 
where the resource request is from a client-side application running on a remote client 
machine. 

27. (currently amended) [[A]] The method of as recited in claim 26, wherein 
where the client-side application includes one of: a web browser, an email application or 
a file access application. 

28. (currently amended) [[A]] The method of as recited in claim 19, wherein 
where the private network is a corporate network. 

29-33. (canceled). 

34. (currently amended) A tangible computer readable memory device 
medium including computer-executable program code for enabling access to resources on 
a private network via an intermediary server, said computer readable memory device 
medium comprising:

computer program code for receiving a login request from a user for
access to the intermediary server; 

computer program code for accessing an external authentication server to 
determine determining whether the user is permitted access to the intermediary server in 
response to the login request; 

computer program code for receiving a resource request from the user at 
the intermediary server after it has been determined that the user is permitted access to 
the intermediary server, the resource request requesting a particular operation with 
respect to a resource from the private network; 

computer program code for obtaining access privileges for the user in 
response to the resource request; 

computer program code for determining whether the access privileges for 
the user permit the user to perform the particular operation at the private network; and 

computer program code at the intermediary server to prevent performance 
of the particular operation at the private network if said computer code for determining 
determines that the access privileges for the user do not permit the user to perform the 
particular operation at the private network. 

35. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 34, wherein where the particular operation is one of a file 
access operation or an email operation. 

36. (canceled)

37. (currently amended) [[A]] The computer readable memory device of
medium as recited in claim 34, wherein where the intermediary server stores the access 
privileges for a plurality of users, and 

wherein where the intermediary server stores an authentication identifier 
for each of a the plurality of users, the authentication identifier identifying [[an]] the 
external authentication server to be used to perform authentication.

38. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 34, wherein where the resource request is from a client-side 
application running on a client machine, and 

wherein where the client-side application includes one of: a web browser, 
an email application or a file access application. 

39. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 34, wherein where said computer readable medium further 
comprises: 

computer program code for performing the particular operation at the 
private network to determine a response to the resource request when said computer 
program code for determining whether the access privileges for the user permit the user 
to perform the particular operation determines that the access privileges for the user 
permit the user to perform the particular operation at the private network.

40. (currently amended) [[A]] The computer readable memory device of
medium as recited in claim 34, wherein where the user has an Internet Protocol (IP) 
address, and 

wherein where said computer program code for determining whether the 
access privileges for the user permit the user to perform the particular operation includes 
computer program code for determining whether the IP address is authorized. 

41. (currently amended) [[A]] The computer readable memory device of
medium as recited in claim 40, wherein where said computer program code for 
determining whether the access privileges for the user permit the user to perform the 
particular operation further includes computer program code for determining whether 
time-of-day restrictions are satisfied. 

42. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 41, wherein where the access privileges comprise permitted 
operations, authorized IP addresses, and time-of-day restrictions for a plurality of users. 

43. (canceled) 

44. (currently amended) A tangible computer readable memory device 
medium including computer-executable program code to facilitate access to a private 
network via an intermediary server, said computer readable memory device medium 
comprising:

computer program code for receiving a login request from a user for
access to the intermediary server; 

computer program code for accessing an external authentication server to 
determine determining whether the user is permitted access to the intermediary server in 
response to the login request; 

computer program code for granting the user access to the intermediary 
server when said computer program code for determining whether the user is permitted 
access to the intermediary server determines that the user is permitted access, the granted 
access carrying access privileges to a portion of the private network; 

computer program code for receiving a resource request from the user at 
the intermediary server when the user is granted access to the intermediary server, the 
resource request requesting a particular resource; 

computer program code for determining whether the resource request from 
the user is permitted by the access privileges; 

computer program code for supplying the particular resource to the user 
through the intermediary server when said computer program code for determining 
whether the resource request from the user is permitted determines that the resource 
request from the user is permitted; and 

computer program code for denying the user from access to the particular 
resource when said computer program code for determining whether the resource request 
from the user is permitted determines that the resource request from the user is not 
permitted.

45. (currently amended) [[A]] The computer readable memory device of
medium as recited in claim 44, wherein where said computer program code for supplying 
comprises: 

computer program code for retrieving the particular resource from a
content server;

computer program code for modifying the particular resource by replacing 
at least one URL within the particular resource; and 

computer program code for sending the modified particular resource to the
user.

46. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 44, wherein where said computer program code for supplying
comprises: 

computer program code for modifying a response to the resource request 
so that links within the response point to the intermediary server; and 

computer program code for sending the modified response to the user. 

47. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 44, wherein where said computer program code for supplying 
comprises: 

computer program code for determining a host name for a remote server 
hosting the particular resource;

computer program code for sending a request for the particular resource to
the remote server based on the determined host name; and 

computer program code for receiving, at the intermediary server, a 
response to the request for the particular resource from the remote server. 

48. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 47, wherein where said computer program code for supplying 
comprises: 

computer program code for modifying the response so that links within the 
response point to the intermediary server; and 

computer program code for sending the modified response to the user. 

49. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 44, wherein where the resource request is from a client-side 
application running on a remote client machine. 

50. (currently amended) [[A]] The computer readable memory device of 
medium as recited in claim 49, wherein where the client-side application includes one of 
a web browser, an email application or a file access application. 

51-53. (canceled) 